从非www域重定向到www域时,Laravel Forge、Nginx和SSL上的域重定向循环
我使用Laravel Forge上的Let's Encrypt设置了HTTPS,并使用Laravel中间件将非安全域重定向到安全域:从非www域重定向到www域时,Laravel Forge、Nginx和SSL上的域重定向循环,laravel,nginx,laravel-forge,Laravel,Nginx,Laravel Forge,我使用Laravel Forge上的Let's Encrypt设置了HTTPS,并使用Laravel中间件将非安全域重定向到安全域: if ( env('APP_ENV') === 'production' ) { $request->setTrustedProxies([$request->getClientIp()]); if ( !$request->secure() ) { return redirect()->secure($r
if ( env('APP_ENV') === 'production' ) {
$request->setTrustedProxies([$request->getClientIp()]);
if ( !$request->secure() ) {
return redirect()->secure($request->getRequestUri());
}
}
return $next($request);
下面是我的example.com
(不是实际的域)Nginx配置:
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/before/*;
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
root /home/forge/example.com/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/example.com/120143/server.crt;
ssl_certificate_key /etc/nginx/ssl/example.com/120143/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers '[...]';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/example.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/after/*;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/www.example.com/before/*;
server {
listen 80;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/www.example.com/after/*;
下面是我的www.example.com
配置:
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/before/*;
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
root /home/forge/example.com/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/example.com/120143/server.crt;
ssl_certificate_key /etc/nginx/ssl/example.com/120143/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers '[...]';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/example.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/after/*;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/www.example.com/before/*;
server {
listen 80;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/www.example.com/after/*;
一切正常,HTTP重定向到HTTPS,www重定向到非www,但我想做相反的事情,将非www重定向到www
return 301 $scheme://www.example.com$request_uri;
转到example.com
,并在www.example.com
配置中将其注释掉以删除循环,但它不起作用:
www.example.com redirected you too many times.
我还试图将非www配置的内容复制到www配置,并在那里收听443,但它仍在无休止地重定向。我做错了什么?谢谢您的时间。我建议以下方法: www.example.com应该是
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/www.example.com/before/*;
server {
listen 80;
server_name www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.example.com;
root /home/forge/example.com/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/example.com/120143/server.crt;
ssl_certificate_key /etc/nginx/ssl/example.com/120143/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers '[...]';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/example.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/www.example.com/after/*;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/before/*;
server {
listen 80;
server_name example.com;
return 301 $scheme://www.example.com$request_uri;
}
include forge-conf/example.com/after/*;
example.com应该是
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/www.example.com/before/*;
server {
listen 80;
server_name www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.example.com;
root /home/forge/example.com/public;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/example.com/120143/server.crt;
ssl_certificate_key /etc/nginx/ssl/example.com/120143/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers '[...]';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/example.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/www.example.com/after/*;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/example.com/before/*;
server {
listen 80;
server_name example.com;
return 301 $scheme://www.example.com$request_uri;
}
include forge-conf/example.com/after/*;
只需切换配置,将www添加到那些配置文件中的非www即可。另外,由于您正在使用Lets Encrypt for SSL,您可能需要切换
SSL\u证书
和SSL\u证书
的配置以指向正确的文件
ssl_certificate /etc/nginx/ssl/www.example.com/120143/server.crt;
ssl_certificate_key /etc/nginx/ssl/www.example.com/120143/server.key;
只需重新启动计算机以刷新网络缓存
一切正常,HTTP重定向到HTTPS,www重定向到非www,但我想做相反的事情,将非www重定向到www
根据,发生这种情况是因为默认的
forge conf/example.com/before/redirect.conf
(您从未提及,但仍必须包括在内)必须仍然包含一个server
定义,该定义包含server\u name www.example.com
和返回301$scheme://example.com$request_uri代码>,因此,当您尝试在自己的配置中执行相反的重定向
,以及必须保留的默认配置时,您会创建一个完整的重定向循环。同样的事情:域重定向了您太多次
。如果我关注www域,出于某种原因,我会被重定向到非www域;我重新启动了Nginx。你清理了浏览器缓存吗@班安德烈·怀斯。只是在另一个完全干净的浏览器中尝试了一下,同样的错误。我做了,不起作用。www版本的/etc/nginx/ssl
下没有证书/密钥,我尝试复制它们并更改相应配置中的路径,但也没有帮助。您不复制它,但是使用encrypt/letsencrypt auto certonly-a webroot--webroot path=/var/www/html-d example.com-d www.example.com